Last update: 17:06 | 04/01/2018
Verisign’s Q3 2017 DDoS Trends report showed that 29 per cent of attacks in Q3 2017 employed five or more attack types.
However, the number of attacks has decreased since Q2 2017.
The largest volumetric and highest intensity DDoS attack observed by Verisign in Q3 2017 was a multi-vector attack that peaked approximately 2.5 gigabits per second (Gbps) and around 1 million packets per second (Mpps). This attack lasted approximately two-and-a-half hours. The attack was notable because it consisted primarily of a wide range of attack vectors, including TCP SYN and TCP RST floods, DNS, ICMP and Chargen Amplification attacks and invalid packets.
The report said that 56 per cent of DDoS attacks were User Datagram Protocol (UDP) floods; 88 per cent of DDoS attacks mitigated by Verisign in Q3 2017 employed multiple attack types. The IT/Cloud/SaaS industry, representing 45 per cent of mitigation activity, was the most frequently targetted industry for the 12th consecutive quarter. The financial sector industry experienced the second highest number of DDoS attacks, representing 20 per cent of mitigation activity.
IT experts suggested to companies to deploy security technology such as DNS firewall, email filtering and other security solutions and to keep them up to date. No technology offered 100 per cent network protection, so organisations needed to implement a layered approach to security that includes both technology and user education. As attackers grow increasingly adept at creating “smarter” malware to circumvent individual protection, it becomes more important to layer these and other security controls, including taking measures at the DNS level.
Verisign DDoS Trends Reports throughout 2017 have reported a decline in the size of and number of DDoS attacks. This trend does not necessarily mean, however, that DDoS attacks are going away or that companies should be complacent. Now, is a good time for organisations to review all aspects of their network and application of security solutions to protect themselves against DDoS attacks or future security threats.
The recently released report, represents a unique view into the attack trends unfolding online, through observations and insights derived from the distributed denial of service (DDoS) attack mitigations enacted on behalf of Verisign DDoS Protection Services and security research conducted by Verisign Security Services. — VNS